<? include ("../init.php") ?>
<?
  $detail = addslashes($_POST['detail']);
  $date = strtotime($_POST['date']);
  $title = addslashes($_POST['title']);
  

  $sql = "INSERT INTO hs_news(news_date, news_detail,news_title) VALUES('$date','$detail','$title')";

  $db->execute($sql);
  
  if(isset($_FILES["news_img"]) && is_uploaded_file($_FILES["news_img"]["tmp_name"]) && $_FILES["news_img"]["tmp_name"]!=''){
    $news_id = $db->lastInsertedId();
    $handle = new Upload($_FILES['news_img']);
    if ($handle->uploaded)
    {
      $handle->image_resize = true;
      $handle->image_ratio_fill = true;
      $handle->image_x = 220;
      $handle->image_y = 160;
      $handle->Process('../../images/news/'.$news_id);
      
      if ($handle->processed)
      {
        $sql = "UPDATE hs_news SET news_img='".$handle->file_dst_name."' WHERE news_id=$news_id";
          if(!mysql_query($sql))
          {
            @unlink('../../images/news/'.$news_id.'/'.$handle->file_dst_name);
          }
      }
      $handle->clean();
    }
  }
  
  header("Location:index.php");
?>